diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 02781cdb06..2006fbe744 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: extension: "", # We have this enabled for releases, so we should test it. extraArgs: "--features openssl/vendored", - bindleUrl: "https://bindle.blob.core.windows.net/releases/bindle-v0.8.0-linux-amd64.tar.gz", + bindleUrl: "https://bindle.blob.core.windows.net/releases/bindle-v0.9.0-rc.1-linux-amd64.tar.gz", bindleBinary: "bindle-server", pathInBindleArchive: "bindle-server", nomadUrl: "https://releases.hashicorp.com/nomad/1.3.1/nomad_1.3.1_linux_amd64.zip", @@ -41,7 +41,7 @@ jobs: os: "macos-latest", extension: "", extraArgs: "", - bindleUrl: "https://bindle.blob.core.windows.net/releases/bindle-v0.8.0-macos-amd64.tar.gz", + bindleUrl: "https://bindle.blob.core.windows.net/releases/bindle-v0.9.0-rc.1-macos-amd64.tar.gz", bindleBinary: "bindle-server", pathInBindleArchive: "bindle-server", nomadUrl: "https://releases.hashicorp.com/nomad/1.3.1/nomad_1.3.1_darwin_amd64.zip", @@ -53,7 +53,7 @@ jobs: os: "windows-latest", extension: ".exe", extraArgs: "", - bindleUrl: "https://bindle.blob.core.windows.net/releases/bindle-v0.8.0-windows-amd64.tar.gz", + bindleUrl: "https://bindle.blob.core.windows.net/releases/bindle-v0.9.0-rc.1-windows-amd64.tar.gz", bindleBinary: "bindle-server.exe", pathInBindleArchive: "bindle-server.exe", nomadUrl: "https://releases.hashicorp.com/nomad/1.3.1/nomad_1.3.1_windows_amd64.zip", diff --git a/Cargo.lock b/Cargo.lock index 6ff077c221..f77a4cb9e6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -30,7 +30,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" dependencies = [ "cfg-if", - "cipher", + "cipher 0.3.0", "cpufeatures", "opaque-debug", ] @@ -41,7 +41,7 @@ version = "0.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fcb51a0695d8f838b1ee009b3fbf66bda078cd64590202a864a8f3e8c4315c47" dependencies = [ - "getrandom 0.2.7", + "getrandom 0.2.8", "once_cell", "version_check", ] @@ -78,9 +78,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.65" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98161a4e3e2184da77bb14f02184cdd111e83bbbcc9979dfee3c44b9a85f5602" +checksum = "216261ddc8289130e551ddcd5ce8a064710c0d064a4d2895c67151c92b5443f6" [[package]] name = "anymap2" @@ -103,16 +103,16 @@ dependencies = [ [[package]] name = "async-io" -version = "1.9.0" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83e21f3a490c72b3b0cf44962180e60045de2925d8dff97918f7ee43c8f637c7" +checksum = "e8121296a9f05be7f34aa4196b1747243b3b62e048bb7906f644f3fbfc490cf7" dependencies = [ + "async-lock", "autocfg", "concurrent-queue", "futures-lite", "libc", "log", - "once_cell", "parking", "polling", "slab", @@ -121,11 +121,21 @@ dependencies = [ "winapi", ] +[[package]] +name = "async-lock" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8101efe8695a6c17e02911402145357e718ac92d3ff88ae8419e84b1707b685" +dependencies = [ + "event-listener", + "futures-lite", +] + [[package]] name = "async-trait" -version = "0.1.57" +version = "0.1.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76464446b8bc32758d7e88ee1a804d9914cd9b1cb264c029899680b0be29826f" +checksum = "1e805d94e6b5001b651426cf4cd446b1ab5f319d27bab5c644f61de0a804360c" dependencies = [ "proc-macro2", "quote", @@ -166,9 +176,9 @@ dependencies = [ [[package]] name = "base64" -version = "0.13.0" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" [[package]] name = "bcrypt" @@ -177,8 +187,19 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f691e63585950d8c1c43644d11bab9073e40f5060dd2822734ae7c3dc69a3a80" dependencies = [ "base64", - "blowfish", - "getrandom 0.2.7", + "blowfish 0.8.0", + "getrandom 0.2.8", +] + +[[package]] +name = "bcrypt" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8d70a6d9cd7179c1020c7f48512203ffe48cd1a442359e5f81881bf2cc165ac" +dependencies = [ + "base64", + "blowfish 0.9.1", + "getrandom 0.2.8", ] [[package]] @@ -199,7 +220,7 @@ dependencies = [ "async-compression", "async-trait", "base64", - "bcrypt", + "bcrypt 0.10.1", "bytes", "dirs 4.0.0", "ed25519-dalek", @@ -221,7 +242,7 @@ dependencies = [ "sled", "tempfile", "thiserror", - "time 0.3.15", + "time 0.3.17", "tokio", "tokio-stream", "tokio-tar", @@ -232,6 +253,46 @@ dependencies = [ "url", ] +[[package]] +name = "bindle" +version = "0.9.0-rc.1" +source = "git+https://github.com/deislabs/bindle?branch=main#6a4775bcaca98e7a530954969f3dd0926c569167" +dependencies = [ + "anyhow", + "async-compression", + "async-trait", + "base64", + "bcrypt 0.11.0", + "bytes", + "dirs 4.0.0", + "ed25519-dalek", + "futures", + "jsonwebtoken", + "lru", + "mime_guess", + "oauth2", + "rand 0.7.3", + "remove_dir_all 0.7.0", + "reqwest", + "semver 1.0.14", + "serde", + "serde_cbor", + "serde_json", + "sha2 0.10.6", + "sled", + "tempfile", + "thiserror", + "time 0.3.17", + "tokio", + "tokio-stream", + "tokio-tar", + "tokio-util 0.7.4", + "toml", + "tracing", + "tracing-futures", + "url", +] + [[package]] name = "bitflags" version = "1.3.2" @@ -269,7 +330,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2cb03d1bed155d89dce0f845b7899b18a9a163e148fd004e1c28421a783e2d8e" dependencies = [ "block-padding", - "cipher", + "cipher 0.3.0", ] [[package]] @@ -285,10 +346,20 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fe3ff3fc1de48c1ac2e3341c4df38b0d1bfb8fdf04632a187c8b75aaa319a7ab" dependencies = [ "byteorder", - "cipher", + "cipher 0.3.0", "opaque-debug", ] +[[package]] +name = "blowfish" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7" +dependencies = [ + "byteorder", + "cipher 0.4.3", +] + [[package]] name = "bstr" version = "0.2.17" @@ -303,9 +374,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.11.0" +version = "3.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1ad822118d20d2c234f427000d5acc36eabe1e29a348c89b63dd60b13f28e5d" +checksum = "572f695136211188308f16ad2ca5c851a712c464060ae6974944458eb83880ba" [[package]] name = "byteorder" @@ -334,7 +405,7 @@ dependencies = [ "cap-primitives", "cap-std", "io-lifetimes", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -351,7 +422,7 @@ dependencies = [ "maybe-owned", "rustix", "winapi-util", - "windows-sys", + "windows-sys 0.36.1", "winx", ] @@ -406,9 +477,9 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.0.73" +version = "1.0.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" +checksum = "76a284da2e6fe2092f2353e51713435363112dfd60030e22add80be333fb928f" dependencies = [ "jobserver", ] @@ -450,6 +521,16 @@ dependencies = [ "generic-array", ] +[[package]] +name = "cipher" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1873270f8f7942c191139cb8a40fd228da6c3fd2fc376d7e92d47aa14aeb59e" +dependencies = [ + "crypto-common", + "inout", +] + [[package]] name = "clap" version = "2.34.0" @@ -463,9 +544,9 @@ dependencies = [ [[package]] name = "clap" -version = "3.2.22" +version = "3.2.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86447ad904c7fb335a790c9d7fe3d0d971dc523b8ccd1561a520de9a85302750" +checksum = "71655c45cb9845d3270c9d6df84ebe72b4dad3c2ba3f7023ad47c144e4e473a5" dependencies = [ "atty", "bitflags", @@ -475,7 +556,7 @@ dependencies = [ "once_cell", "strsim", "termcolor", - "textwrap 0.15.1", + "textwrap 0.16.0", ] [[package]] @@ -516,8 +597,8 @@ version = "0.1.0" dependencies = [ "anyhow", "async-trait", - "bindle", - "clap 3.2.22", + "bindle 0.8.0", + "clap 3.2.23", "cloud-openapi", "colored", "dialoguer 0.9.0", @@ -955,9 +1036,9 @@ dependencies = [ [[package]] name = "cxx" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f83d0ebf42c6eafb8d7c52f7e5f2d3003b89c7aa4fd2b79229209459a849af8" +checksum = "97abf9f0eca9e52b7f81b945524e76710e6cb2366aead23b7d4fbf72e281f888" dependencies = [ "cc", "cxxbridge-flags", @@ -967,9 +1048,9 @@ dependencies = [ [[package]] name = "cxx-build" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07d050484b55975889284352b0ffc2ecbda25c0c55978017c132b29ba0818a86" +checksum = "7cc32cc5fea1d894b77d269ddb9f192110069a8a9c1f1d441195fba90553dea3" dependencies = [ "cc", "codespan-reporting", @@ -982,15 +1063,15 @@ dependencies = [ [[package]] name = "cxxbridge-flags" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "99d2199b00553eda8012dfec8d3b1c75fce747cf27c169a270b3b99e3448ab78" +checksum = "8ca220e4794c934dc6b1207c3b42856ad4c302f2df1712e9f8d2eec5afaacf1f" [[package]] name = "cxxbridge-macro" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcb67a6de1f602736dd7eaead0080cf3435df806c61b24b13328db128c58868f" +checksum = "b846f081361125bfc8dc9d3940c84e1fd83ba54bbca7b17cd29483c828be0704" dependencies = [ "proc-macro2", "quote", @@ -1009,12 +1090,12 @@ dependencies = [ [[package]] name = "darling" -version = "0.14.1" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4529658bdda7fd6769b8614be250cdcfc3aeb0ee72fe66f9e41e5e5eb73eac02" +checksum = "b0dd3cd20dc6b5a876612a6e5accfe7f3dd883db6d07acfbf14c128f61550dfa" dependencies = [ - "darling_core 0.14.1", - "darling_macro 0.14.1", + "darling_core 0.14.2", + "darling_macro 0.14.2", ] [[package]] @@ -1033,9 +1114,9 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.14.1" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "649c91bc01e8b1eac09fb91e8dbc7d517684ca6be8ebc75bb9cafc894f9fdb6f" +checksum = "a784d2ccaf7c98501746bf0be29b2022ba41fd62a2e622af997a03e9f972859f" dependencies = [ "fnv", "ident_case", @@ -1058,11 +1139,11 @@ dependencies = [ [[package]] name = "darling_macro" -version = "0.14.1" +version = "0.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ddfc69c5bfcbd2fc09a0f38451d2daf0e372e367986a83906d1b0dbc88134fb5" +checksum = "7618812407e9402654622dd402b0a89dff9ba93badd6540781526117b92aab7e" dependencies = [ - "darling_core 0.14.1", + "darling_core 0.14.2", "quote", "syn", ] @@ -1093,7 +1174,7 @@ version = "0.11.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1f91d4cfa921f1c05904dc3c57b4a32c38aed3340cce209f3a6fd1478babafc4" dependencies = [ - "darling 0.14.1", + "darling 0.14.2", "proc-macro2", "quote", "syn", @@ -1219,12 +1300,9 @@ checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10" [[package]] name = "dotenvy" -version = "0.15.5" +version = "0.15.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed9155c8f4dc55c7470ae9da3f63c6785245093b3f6aeb0f5bf2e968efbba314" -dependencies = [ - "dirs 4.0.0", -] +checksum = "03d8c417d7a8cb362e0c37e5d815f5eb7c37f79ff93707329d5a194e42e54ca0" [[package]] name = "downcast-rs" @@ -1325,9 +1403,9 @@ dependencies = [ [[package]] name = "env_logger" -version = "0.9.1" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c90bf5f19754d10198ccb95b70664fc925bd1fc090a0fd9a6ebc54acc8cd6272" +checksum = "a12e6657c4c97ebab115a42dcee77225f7f482cdd841cf7088c657a42e9e00e7" dependencies = [ "atty", "humantime", @@ -1357,6 +1435,12 @@ dependencies = [ "libc", ] +[[package]] +name = "event-listener" +version = "2.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0" + [[package]] name = "fallible-iterator" version = "0.2.0" @@ -1384,14 +1468,14 @@ dependencies = [ [[package]] name = "filetime" -version = "0.2.17" +version = "0.2.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e94a7bbaa59354bc20dd75b67f23e2797b4490e9d6928203fb105c79e448c86c" +checksum = "4b9663d381d07ae25dc88dbdf27df458faa83a9b25336bcac83d5e452b5fc9d3" dependencies = [ "cfg-if", "libc", "redox_syscall", - "windows-sys", + "windows-sys 0.42.0", ] [[package]] @@ -1442,7 +1526,7 @@ checksum = "a267b6a9304912e018610d53fe07115d8b530b160e85db4d2d3a59f3ddde1aec" dependencies = [ "io-lifetimes", "rustix", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -1463,9 +1547,9 @@ checksum = "2022715d62ab30faffd124d40b76f4134a550a87792276512b18d63272333394" [[package]] name = "futures" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f21eda599937fba36daeb58a22e8f5cee2d14c4a17b5b7739c7c8e5e3b8230c" +checksum = "38390104763dc37a5145a53c29c63c1290b5d316d6086ec32c293f6736051bb0" dependencies = [ "futures-channel", "futures-core", @@ -1478,9 +1562,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30bdd20c28fadd505d0fd6712cdfcb0d4b5648baf45faef7f852afb2399bb050" +checksum = "52ba265a92256105f45b719605a571ffe2d1f0fea3807304b522c1d778f79eed" dependencies = [ "futures-core", "futures-sink", @@ -1488,15 +1572,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e5aa3de05362c3fb88de6531e6296e85cde7739cccad4b9dfeeb7f6ebce56bf" +checksum = "04909a7a7e4633ae6c4a9ab280aeb86da1236243a77b694a49eacd659a4bd3ac" [[package]] name = "futures-executor" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ff63c23854bee61b6e9cd331d523909f238fc7636290b96826e9cfa5faa00ab" +checksum = "7acc85df6714c176ab5edf386123fafe217be88c0840ec11f199441134a074e2" dependencies = [ "futures-core", "futures-task", @@ -1505,9 +1589,9 @@ dependencies = [ [[package]] name = "futures-io" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbf4d2a7a308fd4578637c0b17c7e1c7ba127b8f6ba00b29f717e9655d85eb68" +checksum = "00f5fb52a06bdcadeb54e8d3671f8888a39697dcb0b81b23b55174030427f4eb" [[package]] name = "futures-lite" @@ -1526,9 +1610,9 @@ dependencies = [ [[package]] name = "futures-macro" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42cd15d1c7456c04dbdf7e88bcd69760d74f3a798d6444e16974b505b0e62f17" +checksum = "bdfb8ce053d86b91919aad980c220b1fb8401a9394410e1c289ed7e66b61835d" dependencies = [ "proc-macro2", "quote", @@ -1537,21 +1621,21 @@ dependencies = [ [[package]] name = "futures-sink" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21b20ba5a92e727ba30e72834706623d94ac93a725410b6a6b6fbc1b07f7ba56" +checksum = "39c15cf1a4aa79df40f1bb462fb39676d0ad9e366c2a33b590d7c66f4f81fcf9" [[package]] name = "futures-task" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a6508c467c73851293f390476d4491cf4d227dbabcd4170f3bb6044959b294f1" +checksum = "2ffb393ac5d9a6eaa9d3fdf37ae2776656b706e200c8e16b1bdb227f5198e6ea" [[package]] name = "futures-util" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44fb6cb1be61cc1d2e43b262516aafcf63b241cffdb1d3fa115f91d9c7b09c90" +checksum = "197676987abd2f9cadff84926f410af1c183608d36641465df73ae8211dc65d6" dependencies = [ "futures-channel", "futures-core", @@ -1597,9 +1681,9 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.2.7" +version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4eb1a864a501629691edf6c15a593b7a51eebaa1e8468e9ddc623de7c9b58ec6" +checksum = "c05aeb6a22b8f62540c194aac980f2115af067bfe15a0734d7277a768d396b31" dependencies = [ "cfg-if", "js-sys", @@ -1652,9 +1736,9 @@ checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "h2" -version = "0.3.14" +version = "0.3.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ca32592cf21ac7ccab1825cd87f6c9b3d9022c44d086172ed0966bec8af30be" +checksum = "5f9f29bc9dda355256b2916cf526ab02ce0aeaaaf2bad60d65ef3f12f11dd0f4" dependencies = [ "bytes", "fnv", @@ -1733,7 +1817,7 @@ source = "git+https://github.com/deislabs/hippo-cli?tag=v0.16.1#73315f55fadd2bb0 dependencies = [ "anyhow", "async-trait", - "clap 3.2.22", + "clap 3.2.23", "colored", "dialoguer 0.9.0", "dirs 4.0.0", @@ -1841,9 +1925,9 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "hyper" -version = "0.14.20" +version = "0.14.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02c929dc5c39e335a03c405292728118860721b10190d98c2a0f0efd5baafbac" +checksum = "034711faac9d2166cb1baf1a2fb0b60b1f277f8492fd72176c17f3515e1abd3c" dependencies = [ "bytes", "futures-channel", @@ -1891,9 +1975,9 @@ dependencies = [ [[package]] name = "iana-time-zone" -version = "0.1.51" +version = "0.1.53" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f5a6ef98976b22b3b7f2f3a806f858cb862044cfa66805aa3ad84cb3d3b785ed" +checksum = "64c122667b287044802d6ce17ee2ddf13207ed924c712de9a66a5814d5b64765" dependencies = [ "android_system_properties", "core-foundation-sys", @@ -1946,6 +2030,15 @@ dependencies = [ "serde", ] +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + [[package]] name = "instant" version = "0.1.12" @@ -1962,24 +2055,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4a5d8c2ab5becd8720e30fd25f8fa5500d8dc3fceadd8378f05859bd7b46fc49" dependencies = [ "io-lifetimes", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] name = "io-lifetimes" -version = "0.7.3" +version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ea37f355c05dde75b84bba2d767906ad522e97cd9e2eef2be7a4ab7fb442c06" +checksum = "59ce5ef949d49ee85593fc4d3f3f95ad61657076395cbbce23e2121fc5542074" dependencies = [ "libc", - "windows-sys", + "windows-sys 0.42.0", ] [[package]] name = "ipnet" -version = "2.5.0" +version = "2.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" +checksum = "f88c5561171189e69df9d98bcf18fd5f9558300f7ea7b801eb8a0fd748bd8745" [[package]] name = "is-terminal" @@ -1990,7 +2083,7 @@ dependencies = [ "hermit-abi 0.2.6", "io-lifetimes", "rustix", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -2116,9 +2209,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.135" +version = "0.2.137" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68783febc7782c6c5cb401fbda4de5a9898be1762314da0bb2c10ced61f18b0c" +checksum = "fc7fcc620a3bff7cdd7a365be3376c97191aeaccc2a603e600951e452615bf89" [[package]] name = "libgit2-sys" @@ -2134,9 +2227,9 @@ dependencies = [ [[package]] name = "libloading" -version = "0.7.3" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "efbc0f03f9a775e9f6aed295c6a1ba2253c5757a9e03d55c6caa46a681abcddd" +checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" dependencies = [ "cfg-if", "winapi", @@ -2363,14 +2456,14 @@ dependencies = [ [[package]] name = "mio" -version = "0.8.4" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" +checksum = "e5d732bc30207a6423068df043e3d02e0735b155ad7ce1a6f76fe2baa5b158de" dependencies = [ "libc", "log", "wasi 0.11.0+wasi-snapshot-preview1", - "windows-sys", + "windows-sys 0.42.0", ] [[package]] @@ -2381,9 +2474,9 @@ checksum = "7843ec2de400bcbc6a6328c958dc38e5359da6e93e72e37bc5246bf1ae776389" [[package]] name = "native-tls" -version = "0.2.10" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd7e2f3618557f980e0b17e8856252eee3c97fa12c54dff0ca290fb6266ca4a9" +checksum = "07226173c32f2926027b63cce4bcd8076c3552846cbe7925f3aaffeac0a3b92e" dependencies = [ "lazy_static", "libc", @@ -2598,9 +2691,9 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.13.1" +version = "1.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19e64526ebdee182341572e50e9ad03965aa510cd94427a4549448f285e957a1" +checksum = "f6058e64324c71e02bc2b150e4f3bc8286db6c83092132ffa3f6b1eab0f9def5" dependencies = [ "hermit-abi 0.1.19", "libc", @@ -2627,24 +2720,15 @@ dependencies = [ "syn", ] -[[package]] -name = "num_threads" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" -dependencies = [ - "libc", -] - [[package]] name = "oauth2" -version = "4.2.3" +version = "4.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d62c436394991641b970a92e23e8eeb4eb9bca74af4f5badc53bcd568daadbd" +checksum = "eeaf26a72311c087f8c5ba617c96fac67a5c04f430e716ac8d8ab2de62e23368" dependencies = [ "base64", "chrono", - "getrandom 0.2.7", + "getrandom 0.2.8", "http", "rand 0.8.5", "reqwest", @@ -2708,9 +2792,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.15.0" +version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" +checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860" [[package]] name = "oorandom" @@ -2758,9 +2842,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-sys" -version = "0.9.76" +version = "0.9.77" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5230151e44c0f05157effb743e8d517472843121cf9243e8b81393edb5acd9ce" +checksum = "b03b84c3b2d099b81f0953422b4d4ad58761589d0229b5506356afca05a3670a" dependencies = [ "autocfg", "cc", @@ -2771,9 +2855,9 @@ dependencies = [ [[package]] name = "os_str_bytes" -version = "6.3.0" +version = "6.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ff7415e9ae3fff1225851df9e0d9e4e5479f947619774677a63572e55e80eff" +checksum = "3baf96e39c5359d2eb0dd6ccb42c62b91d9678aa68160d261b9e0ccbf9e9dea9" [[package]] name = "ouroboros" @@ -2866,7 +2950,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" dependencies = [ "lock_api", - "parking_lot_core 0.9.3", + "parking_lot_core 0.9.4", ] [[package]] @@ -2885,15 +2969,15 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.9.3" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929" +checksum = "4dc9e0dc2adc1c69d09143aff38d3d30c5c3f0df0dad82e6d25547af174ebec0" dependencies = [ "cfg-if", "libc", "redox_syscall", "smallvec", - "windows-sys", + "windows-sys 0.42.0", ] [[package]] @@ -2943,9 +3027,9 @@ checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" [[package]] name = "pest" -version = "2.4.0" +version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dbc7bc69c062e492337d74d59b120c274fd3d261b6bf6d3207d499b4b379c41a" +checksum = "a528564cc62c19a7acac4d81e01f39e53e25e17b934878f4c6d25cc2836e62f8" dependencies = [ "thiserror", "ucd-trie", @@ -2953,9 +3037,9 @@ dependencies = [ [[package]] name = "pest_derive" -version = "2.4.0" +version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "60b75706b9642ebcb34dab3bc7750f811609a0eb1dd8b88c2d15bf628c1c65b2" +checksum = "d5fd9bc6500181952d34bd0b2b0163a54d794227b498be0b7afa7698d0a7b18f" dependencies = [ "pest", "pest_generator", @@ -2963,9 +3047,9 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.4.0" +version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4f9272122f5979a6511a749af9db9bfc810393f63119970d7085fed1c4ea0db" +checksum = "d2610d5ac5156217b4ff8e46ddcef7cdf44b273da2ac5bca2ecbfa86a330e7c4" dependencies = [ "pest", "pest_meta", @@ -2976,9 +3060,9 @@ dependencies = [ [[package]] name = "pest_meta" -version = "2.4.0" +version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c8717927f9b79515e565a64fe46c38b8cd0427e64c40680b14a7365ab09ac8d" +checksum = "824749bf7e21dd66b36fbe26b3f45c713879cccd4a009a917ab8e045ca8246fe" dependencies = [ "once_cell", "pest", @@ -3037,9 +3121,9 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] name = "pkg-config" -version = "0.3.25" +version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" +checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" [[package]] name = "plotters" @@ -3071,9 +3155,9 @@ dependencies = [ [[package]] name = "polling" -version = "2.3.0" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "899b00b9c8ab553c743b3e11e87c5c7d423b2a2de229ba95b24a756344748011" +checksum = "ab4609a838d88b73d8238967b60dd115cc08d38e2bbaf51ee1e4b695f89122e2" dependencies = [ "autocfg", "cfg-if", @@ -3114,9 +3198,9 @@ dependencies = [ [[package]] name = "ppv-lite86" -version = "0.2.16" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb9f9e6e233e5c4a35559a617bf40a4ec447db2e84c20b55a6f83167b7e57872" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" [[package]] name = "proc-macro-crate" @@ -3298,7 +3382,7 @@ version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ - "getrandom 0.2.7", + "getrandom 0.2.8", ] [[package]] @@ -3369,7 +3453,7 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" dependencies = [ - "getrandom 0.2.7", + "getrandom 0.2.8", "redox_syscall", "thiserror", ] @@ -3388,9 +3472,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.6.0" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b" +checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" dependencies = [ "aho-corasick", "memchr", @@ -3408,9 +3492,9 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.6.27" +version = "0.6.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244" +checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" [[package]] name = "region" @@ -3433,6 +3517,19 @@ dependencies = [ "winapi", ] +[[package]] +name = "remove_dir_all" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "882f368737489ea543bc5c340e6f3d34a28c39980bd9a979e47322b26f60ac40" +dependencies = [ + "libc", + "log", + "num_cpus", + "rayon", + "winapi", +] + [[package]] name = "reqwest" version = "0.11.12" @@ -3494,9 +3591,9 @@ dependencies = [ [[package]] name = "rpassword" -version = "7.0.0" +version = "7.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26b763cb66df1c928432cc35053f8bd4cec3335d8559fc16010017d16b3c1680" +checksum = "20c9f5d2a0c3e2ea729ab3706d22217177770654c3ef5056b68b69d07332d3f5" dependencies = [ "libc", "winapi", @@ -3544,9 +3641,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.35.11" +version = "0.35.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbb2fda4666def1433b1b05431ab402e42a1084285477222b72d6c564c417cef" +checksum = "727a1a6d65f786ec22df8a81ca3121107f235970dc1705ed681d3e6e8b9cd5f9" dependencies = [ "bitflags", "errno", @@ -3555,14 +3652,14 @@ dependencies = [ "libc", "linux-raw-sys", "once_cell", - "windows-sys", + "windows-sys 0.42.0", ] [[package]] name = "rustls" -version = "0.20.6" +version = "0.20.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aab8ee6c7097ed6057f43c187a62418d0c05a4bd5f18b3571db50ee0f9ce033" +checksum = "539a2bfe908f471bfa933876bd1eb6a19cf2176d375f82ef7f99530a40e48c2c" dependencies = [ "log", "ring", @@ -3626,14 +3723,14 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "88d6731146462ea25d9244b2ed5fd1d716d25c52e4d54aa4fb0f3c4e9854dbe2" dependencies = [ "lazy_static", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] name = "scoped-tls" -version = "1.0.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea6a9290e3c9cf0f18145ef7ffa62d68ee0bf5fcd651017e586dc7fd5da448c2" +checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294" [[package]] name = "scopeguard" @@ -3730,9 +3827,9 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.145" +version = "1.0.147" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "728eb6351430bccb993660dfffc5a72f91ccc1295abaa8ce19b27ebe4f75568b" +checksum = "d193d69bae983fc11a79df82342761dfbf28a99fc8d203dca4c3c1b590948965" dependencies = [ "serde_derive", ] @@ -3749,9 +3846,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.145" +version = "1.0.147" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81fa1584d3d1bcacd84c277a0dfe21f5b0f6accf4a23d04d4c6d61f1af522b4c" +checksum = "4f1d362ca8fc9c3e3a7484440752472d68a6caa98f1ab81d99b5dfe517cec852" dependencies = [ "proc-macro2", "quote", @@ -3760,9 +3857,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.86" +version = "1.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41feea4228a6f1cd09ec7a3593a682276702cd67b5273544757dae23c096f074" +checksum = "6ce777b7b150d76b9cf60d28b55f5847135a003f7d7350c6be7a773508ce7d45" dependencies = [ "itoa 1.0.4", "ryu", @@ -3914,7 +4011,7 @@ dependencies = [ "num-bigint", "num-traits", "thiserror", - "time 0.3.15", + "time 0.3.17", ] [[package]] @@ -4010,7 +4107,7 @@ version = "0.5.0" dependencies = [ "anyhow", "cap-std", - "clap 3.2.22", + "clap 3.2.23", "rand 0.8.5", "rand_chacha 0.3.1", "rand_core 0.6.4", @@ -4056,11 +4153,11 @@ dependencies = [ "anyhow", "async-trait", "atty", - "bindle", + "bindle 0.9.0-rc.1", "bytes", "cargo-target-dep", "chrono", - "clap 3.2.22", + "clap 3.2.23", "cloud", "cloud-openapi", "comfy-table", @@ -4151,7 +4248,7 @@ version = "0.2.0" dependencies = [ "anyhow", "async-trait", - "clap 3.2.22", + "clap 3.2.23", "criterion", "futures", "futures-util", @@ -4180,8 +4277,9 @@ version = "0.2.0" dependencies = [ "anyhow", "async-trait", - "bindle", + "bindle 0.9.0-rc.1", "bytes", + "dirs 4.0.0", "futures", "glob", "itertools", @@ -4190,15 +4288,17 @@ dependencies = [ "path-absolutize", "regex", "reqwest", + "semver 1.0.14", "serde", "sha2 0.10.6", "spin-config", "spin-manifest", "tempfile", "tokio", - "tokio-util 0.6.10", + "tokio-util 0.7.4", "toml", "tracing", + "url", "walkdir", ] @@ -4254,7 +4354,8 @@ name = "spin-publish" version = "0.2.0" dependencies = [ "anyhow", - "bindle", + "bindle 0.9.0-rc.1", + "dirs 4.0.0", "dunce", "futures", "itertools", @@ -4374,7 +4475,7 @@ version = "0.2.0" dependencies = [ "anyhow", "async-trait", - "clap 3.2.22", + "clap 3.2.23", "ctrlc", "dirs 4.0.0", "futures", @@ -4468,9 +4569,9 @@ checksum = "a7973cce6668464ea31f176d85b13c7ab3bba2cb3b77a2ed26abd7801688010a" [[package]] name = "syn" -version = "1.0.102" +version = "1.0.103" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" +checksum = "a864042229133ada95abf3b54fdc62ef5ccabe9515b64717bcb9a1919e59445d" dependencies = [ "proc-macro2", "quote", @@ -4501,7 +4602,7 @@ dependencies = [ "cap-std", "io-lifetimes", "rustix", - "windows-sys", + "windows-sys 0.36.1", "winx", ] @@ -4518,9 +4619,9 @@ dependencies = [ [[package]] name = "target-lexicon" -version = "0.12.4" +version = "0.12.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c02424087780c9b71cc96799eaeddff35af2bc513278cda5c99fc1f5d026d3c1" +checksum = "9410d0f6853b1d94f0e519fb95df60f29d2c1eff2d921ffdf01a4c8a3b54f12d" [[package]] name = "tempfile" @@ -4532,7 +4633,7 @@ dependencies = [ "fastrand", "libc", "redox_syscall", - "remove_dir_all", + "remove_dir_all 0.5.3", "winapi", ] @@ -4566,9 +4667,9 @@ dependencies = [ [[package]] name = "textwrap" -version = "0.15.1" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "949517c0cf1bf4ee812e2e07e08ab448e3ae0d23472aee8a06c985f0c8815b16" +checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d" [[package]] name = "thiserror" @@ -4612,22 +4713,30 @@ dependencies = [ [[package]] name = "time" -version = "0.3.15" +version = "0.3.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d634a985c4d4238ec39cacaed2e7ae552fbd3c476b552c1deac3021b7d7eaf0c" +checksum = "a561bf4617eebd33bca6434b988f39ed798e527f51a1e797d0ee4f61c0a38376" dependencies = [ "itoa 1.0.4", - "libc", - "num_threads", "serde", + "time-core", "time-macros", ] +[[package]] +name = "time-core" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" + [[package]] name = "time-macros" -version = "0.2.4" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792" +checksum = "d967f99f534ca7e495c575c62638eebc2898a8c84c119b89e250477bc4ba16b2" +dependencies = [ + "time-core", +] [[package]] name = "tinytemplate" @@ -5024,7 +5133,7 @@ dependencies = [ "git2", "rustversion", "thiserror", - "time 0.3.15", + "time 0.3.17", ] [[package]] @@ -5099,7 +5208,7 @@ dependencies = [ "system-interface", "tracing", "wasi-common", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -5117,7 +5226,7 @@ dependencies = [ "thiserror", "tracing", "wiggle", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -5206,9 +5315,9 @@ checksum = "1c38c045535d93ec4f0b4defec448e4291638ee608530863b1e2ba115d4fff7f" [[package]] name = "wasm-encoder" -version = "0.18.0" +version = "0.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c64ac98d5d61192cc45c701b7e4bd0b9aff91e2edfc7a088406cfe2288581e2c" +checksum = "c5816e88e8ea7335016aa62eb0485747f786136d505a9b3890f8c400211d9b5f" dependencies = [ "leb128", ] @@ -5253,7 +5362,7 @@ dependencies = [ "wasmtime-jit", "wasmtime-runtime", "wat", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -5272,7 +5381,7 @@ dependencies = [ "serde", "sha2 0.9.9", "toml", - "windows-sys", + "windows-sys 0.36.1", "zstd", ] @@ -5327,7 +5436,7 @@ dependencies = [ "cc", "cfg-if", "rustix", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -5354,7 +5463,7 @@ dependencies = [ "wasmtime-environ", "wasmtime-jit-debug", "wasmtime-runtime", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -5392,7 +5501,7 @@ dependencies = [ "wasmtime-environ", "wasmtime-fiber", "wasmtime-jit-debug", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -5432,9 +5541,9 @@ dependencies = [ [[package]] name = "wast" -version = "47.0.1" +version = "48.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02b98502f3978adea49551e801a6687678e6015317d7d9470a67fe813393f2a8" +checksum = "84825b5ac7164df8260c9e2b2e814075334edbe7ac426f2469b93a5eeac23cce" dependencies = [ "leb128", "memchr", @@ -5444,11 +5553,11 @@ dependencies = [ [[package]] name = "wat" -version = "1.0.49" +version = "1.0.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7aab4e20c60429fbba9670a6cae0fff9520046ba0aa3e6d0b1cd2653bea14898" +checksum = "129da4a03ec6d2a815f42c88f641824e789d5be0d86d2f90aa8a218c7068e0be" dependencies = [ - "wast 47.0.1", + "wast 48.0.0", ] [[package]] @@ -5673,43 +5782,100 @@ version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" dependencies = [ - "windows_aarch64_msvc", - "windows_i686_gnu", - "windows_i686_msvc", - "windows_x86_64_gnu", - "windows_x86_64_msvc", + "windows_aarch64_msvc 0.36.1", + "windows_i686_gnu 0.36.1", + "windows_i686_msvc 0.36.1", + "windows_x86_64_gnu 0.36.1", + "windows_x86_64_msvc 0.36.1", +] + +[[package]] +name = "windows-sys" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc 0.42.0", + "windows_i686_gnu 0.42.0", + "windows_i686_msvc 0.42.0", + "windows_x86_64_gnu 0.42.0", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc 0.42.0", ] +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41d2aa71f6f0cbe00ae5167d90ef3cfe66527d6f613ca78ac8024c3ccab9a19e" + [[package]] name = "windows_aarch64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" +[[package]] +name = "windows_aarch64_msvc" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd0f252f5a35cac83d6311b2e795981f5ee6e67eb1f9a7f64eb4500fbc4dcdb4" + [[package]] name = "windows_i686_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" +[[package]] +name = "windows_i686_gnu" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fbeae19f6716841636c28d695375df17562ca208b2b7d0dc47635a50ae6c5de7" + [[package]] name = "windows_i686_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" +[[package]] +name = "windows_i686_msvc" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "84c12f65daa39dd2babe6e442988fc329d6243fdce47d7d2d155b8d874862246" + [[package]] name = "windows_x86_64_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" +[[package]] +name = "windows_x86_64_gnu" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf7b1b21b5362cbc318f686150e5bcea75ecedc74dd157d874d754a2ca44b0ed" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09d525d2ba30eeb3297665bd434a54297e4170c7f1a44cad4ef58095b4cd2028" + [[package]] name = "windows_x86_64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" +[[package]] +name = "windows_x86_64_msvc" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f40009d85759725a34da6d89a94e63d7bdc50a862acf0dbc7c8e488f1edcb6f5" + [[package]] name = "winreg" version = "0.10.1" @@ -5727,7 +5893,7 @@ checksum = "b7b01e010390eb263a4518c8cebf86cb67469d1511c00b749a47b64c39e8054d" dependencies = [ "bitflags", "io-lifetimes", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -5857,9 +6023,9 @@ dependencies = [ [[package]] name = "xcb" -version = "1.1.1" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b127bf5bfe9dbb39118d6567e3773d4bbc795411a8e1ef7b7e056bccac0011a9" +checksum = "0faeb4d7e2d54fff4a0584f61297e86b106914af2029778de7b427f72564d6c5" dependencies = [ "bitflags", "libc", diff --git a/Cargo.toml b/Cargo.toml index 24372772ba..4e25049688 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -8,7 +8,7 @@ authors = [ "Fermyon Engineering " ] anyhow = "1.0" async-trait = "0.1" atty = "0.2" -bindle = { git = "https://github.com/fermyon/bindle", tag = "v0.8.2", default-features = false, features = ["client"] } +bindle = { git = "https://github.com/deislabs/bindle", branch = "main", default-features = false, features = ["client"] } bytes = "1.1" chrono = "0.4" clap = { version = "3.1.15", features = ["derive", "env"] } diff --git a/Makefile b/Makefile index c7e7baa567..e8a3c63ab1 100644 --- a/Makefile +++ b/Makefile @@ -30,8 +30,8 @@ test-integration: .PHONY: test-e2e test-e2e: - RUST_LOG=$(LOG_LEVEL) cargo test --test integration --features e2e-tests --no-fail-fast -- integration_tests::test_dependencies --nocapture - RUST_LOG=$(LOG_LEVEL) cargo test --test integration --features e2e-tests --no-fail-fast -- --skip integration_tests::test_dependencies --nocapture + RUST_LOG=$(LOG_LEVEL) cargo test --test integration --features e2e-tests --no-fail-fast -- integration_tests::e2e_tests::test_dependencies --nocapture + RUST_LOG=$(LOG_LEVEL) cargo test --test integration --features e2e-tests --no-fail-fast -- --skip integration_tests::e2e_tests::test_dependencies --nocapture .PHONY: test-outbound-redis test-outbound-redis: diff --git a/crates/loader/Cargo.toml b/crates/loader/Cargo.toml index a54ae5ed08..55197db7ec 100644 --- a/crates/loader/Cargo.toml +++ b/crates/loader/Cargo.toml @@ -7,8 +7,9 @@ authors = [ "Fermyon Engineering " ] [dependencies] anyhow = "1" async-trait = "0.1.52" -bindle = { git = "https://github.com/fermyon/bindle", tag = "v0.8.2", default-features = false, features = ["client"] } +bindle = { git = "https://github.com/deislabs/bindle", branch = "main", default-features = false, features = ["client"] } bytes = "1.1.0" +dirs = "4.0.0" futures = "0.3.17" glob = "0.3.0" itertools = "0.10.3" @@ -18,12 +19,14 @@ path-absolutize = "3.0.11" regex = "1.5.4" reqwest = "0.11.9" sha2 = "0.10.1" +semver = "1.0.14" serde = { version = "1.0", features = [ "derive" ] } spin-config = { path = "../config" } spin-manifest = { path = "../manifest" } tempfile = "3.3.0" tokio = { version = "1.11", features = [ "full" ] } -tokio-util = "0.6" +tokio-util = "0.7.4" toml = "0.5" tracing = { version = "0.1", features = [ "log" ] } +url = "2.2.2" walkdir = "2.3.2" diff --git a/crates/loader/src/bindle/connection.rs b/crates/loader/src/bindle/connection.rs index b015506371..97fcafd1af 100644 --- a/crates/loader/src/bindle/connection.rs +++ b/crates/loader/src/bindle/connection.rs @@ -1,9 +1,18 @@ -use std::sync::Arc; +use std::{path::PathBuf, sync::Arc}; -use bindle::client::{ - tokens::{HttpBasic, LongLivedToken, NoToken, TokenManager}, - Client, ClientBuilder, +use anyhow::{anyhow, Context, Result}; +use bindle::{ + client::{ + tokens::{HttpBasic, LongLivedToken, NoToken, TokenManager}, + Client, ClientBuilder, + }, + invoice::{ + signature::{KeyEntry, KeyRing}, + HealthResponse, + }, }; +use semver::{Version, VersionReq}; +use tracing::log; /// BindleConnectionInfo holds the details of a connection to a /// Bindle server, including url, insecure configuration and an @@ -13,53 +22,118 @@ pub struct BindleConnectionInfo { base_url: String, allow_insecure: bool, token_manager: AnyAuth, + keyring_path: PathBuf, } impl BindleConnectionInfo { /// Generates a new BindleConnectionInfo instance using the provided /// base_url, allow_insecure setting and optional username and password /// for basic http auth - pub fn new>( + pub async fn new>( base_url: I, allow_insecure: bool, username: Option, password: Option, - ) -> Self { + keyring_file: Option, + ) -> Result { + let base_url: String = base_url.into(); + check_bindle_healthz(&base_url).await?; + let token_manager: Box = match (username, password) { (Some(u), Some(p)) => Box::new(HttpBasic::new(&u, &p)), _ => Box::new(NoToken::default()), }; - Self { - base_url: base_url.into(), + let keyring_path = match keyring_file { + Some(dir) => dir, + None => { + let dir = ensure_config_dir().await?; + dir.join("keyring.toml") + } + }; + + Ok(Self { + base_url, allow_insecure, token_manager: AnyAuth { token_manager: Arc::new(token_manager), }, - } + keyring_path, + }) } /// Generates a new BindleConnectionInfo instance using the provided /// base_url, allow_insecure setting and token. - pub fn from_token>(base_url: I, allow_insecure: bool, token: I) -> Self { + pub async fn from_token>( + base_url: I, + allow_insecure: bool, + token: I, + keyring_file: Option, + ) -> Result { + let base_url: String = base_url.into(); + check_bindle_healthz(&base_url).await?; + let token_manager: Box = Box::new(LongLivedToken::new(&token.into())); - Self { - base_url: base_url.into(), + let keyring_path = match keyring_file { + Some(dir) => dir, + None => { + let dir = ensure_config_dir().await?; + dir.join("keyring.toml") + } + }; + + Ok(Self { + base_url, allow_insecure, token_manager: AnyAuth { token_manager: Arc::new(token_manager), }, - } + keyring_path, + }) } /// Returns a client based on this instance's configuration - pub fn client(&self) -> bindle::client::Result> { - let builder = ClientBuilder::default() + pub async fn client(&self) -> bindle::client::Result> { + let mut keyring = read_bindle_keyring(&self.keyring_path) + .await + .unwrap_or_else(|e| { + log::error!( + "can't read bindle keyring file {:?}, err: {:?}", + &self.keyring_path, + e + ); + KeyRing::default() + }); + + let tmp_client = ClientBuilder::default() + .http2_prior_knowledge(false) + .danger_accept_invalid_certs(self.allow_insecure) + .build( + &self.base_url, + self.token_manager.clone(), + Arc::new(keyring.clone()), + )?; + + log::trace!("Fetching host keys from bindle server"); + let host_keys = tmp_client.get_host_keys().await?; + let filtered_keys: Vec = host_keys + .key + .into_iter() + .filter(|k| !keyring.key.iter().any(|current| current.key == k.key)) + .collect(); + keyring.key.extend(filtered_keys); + log::info!("keyring: {:?}", &keyring); + + ClientBuilder::default() .http2_prior_knowledge(false) - .danger_accept_invalid_certs(self.allow_insecure); - builder.build(&self.base_url, self.token_manager.clone()) + .danger_accept_invalid_certs(self.allow_insecure) + .build( + &self.base_url, + self.token_manager.clone(), + Arc::new(keyring), + ) } /// Returns the base url for this client. @@ -84,3 +158,39 @@ impl TokenManager for AnyAuth { self.token_manager.apply_auth_header(builder).await } } + +async fn read_bindle_keyring(keyring_path: &PathBuf) -> bindle::client::Result { + let raw_data = tokio::fs::read(keyring_path).await?; + let res: KeyRing = toml::from_slice(&raw_data)?; + Ok(res) +} + +async fn ensure_config_dir() -> Result { + let dir = dirs::config_dir() + .map(|v| v.join("bindle/")) + .unwrap_or_else(|| "./bindle".into()); + tokio::fs::create_dir_all(&dir).await?; + Ok(dir) +} + +async fn check_bindle_healthz(url: &str) -> Result<()> { + let base_url = url::Url::parse(url)?; + let healthz_url = base_url.join("/healthz")?; + let result = reqwest::get(healthz_url.to_string()) + .await? + .error_for_status() + .with_context(|| format!("Bindle server {} is unhealthy", base_url))? + .json::() + .await.with_context(|| "Can't parse bindle server /healthz response as json, please run bindle-server with version >=0.9.0-rc.1")?; + + let server_version = Version::parse(&result.version) + .with_context(|| format!("can't parse version {}", &result.version))?; + let min_version_req = VersionReq::parse(">=0.9.0-rc.1")?; + if !min_version_req.matches(&server_version) { + return Err(anyhow!( + "bindle-server version is {}, please run bindle-server with version >= 0.9.0-rc.1", + &result.version + )); + } + Ok(()) +} diff --git a/crates/loader/src/bindle/mod.rs b/crates/loader/src/bindle/mod.rs index 46fea820a1..2b0ffb2951 100644 --- a/crates/loader/src/bindle/mod.rs +++ b/crates/loader/src/bindle/mod.rs @@ -10,7 +10,7 @@ mod connection; /// Bindle helper functions. mod utils; -use std::path::Path; +use std::path::{Path, PathBuf}; use anyhow::{anyhow, Context, Result}; use bindle::Invoice; @@ -33,11 +33,16 @@ pub use utils::SPIN_MANIFEST_MEDIA_TYPE; /// prepared application configuration consumable by a Spin execution context. /// If a directory is provided, use it as the base directory to expand the assets, /// otherwise create a new temporary directory. -pub async fn from_bindle(id: &str, url: &str, base_dst: impl AsRef) -> Result { +pub async fn from_bindle( + id: &str, + url: &str, + base_dst: impl AsRef, + keyring_file: Option, +) -> Result { // TODO // Handle Bindle authentication. - let connection_info = BindleConnectionInfo::new(url, false, None, None); - let client = connection_info.client()?; + let connection_info = BindleConnectionInfo::new(url, false, None, None, keyring_file).await?; + let client = connection_info.client().await?; let reader = BindleReader::remote(&client, &id.parse()?); prepare(id, url, &reader, base_dst).await diff --git a/crates/loader/src/bindle/utils.rs b/crates/loader/src/bindle/utils.rs index dd41d74c66..1136cd5abb 100644 --- a/crates/loader/src/bindle/utils.rs +++ b/crates/loader/src/bindle/utils.rs @@ -153,10 +153,16 @@ impl BindleReader { /// Get the invoice from the bindle source pub(crate) async fn get_invoice(&self) -> Result { match &self.inner { - BindleReaderInner::Remote(c, id) => c - .get_invoice(id) - .await - .with_context(|| anyhow!("Error fetching remote invoice {}", id)), + BindleReaderInner::Remote(c, id) => { + let remote_result = c + .get_invoice(id) + .await + .with_context(|| anyhow!("Error fetching remote invoice {}", id)); + match remote_result { + Ok(verified_invoice) => Ok(verified_invoice.into()), + Err(e) => Err(e), + } + } BindleReaderInner::Standalone(s) => { let bytes = fs::read(&s.invoice_file).await.with_context(|| { diff --git a/crates/loader/src/local/mod.rs b/crates/loader/src/local/mod.rs index ad240acf64..91d3a9f20d 100644 --- a/crates/loader/src/local/mod.rs +++ b/crates/loader/src/local/mod.rs @@ -173,7 +173,7 @@ async fn core( "Component {} requires a Bindle connection but none was specified", id ), - Some(c) => c.client()?, + Some(c) => c.client().await?, }; let bindle_reader = crate::bindle::BindleReader::remote(&client, &bindle_id); let bytes = bindle_reader diff --git a/crates/publish/Cargo.toml b/crates/publish/Cargo.toml index fee03dbb63..7ab706e9b6 100644 --- a/crates/publish/Cargo.toml +++ b/crates/publish/Cargo.toml @@ -6,7 +6,7 @@ authors = [ "Fermyon Engineering " ] [dependencies] anyhow = "1.0" -bindle = { git = "https://github.com/fermyon/bindle", tag = "v0.8.2", default-features = false, features = ["client"] } +bindle = { git = "https://github.com/deislabs/bindle", branch = "main", default-features = false, features = ["client"] } dunce = "1.0" futures = "0.3.14" itertools = "0.10.3" @@ -19,4 +19,5 @@ sha2 = "0.10.1" spin-loader = { path = "../loader" } tempfile = "3.3.0" tokio = "1.16.1" +dirs = "4.0.0" toml = "0.5" diff --git a/crates/publish/src/bindle_pusher.rs b/crates/publish/src/bindle_pusher.rs index f81b587dbc..91542600aa 100644 --- a/crates/publish/src/bindle_pusher.rs +++ b/crates/publish/src/bindle_pusher.rs @@ -11,7 +11,7 @@ pub async fn push_all( bindle_connection_info: spin_loader::bindle::BindleConnectionInfo, ) -> Result<()> { let reader = StandaloneRead::new(&path, bindle_id).await?; - let client = &bindle_connection_info.client().with_context(|| { + let client = &bindle_connection_info.client().await.with_context(|| { format!( "Failed to create a bindle client for server '{}'", &bindle_connection_info.base_url() diff --git a/crates/publish/src/expander.rs b/crates/publish/src/expander.rs index cf8b7b8e08..fb92845a03 100644 --- a/crates/publish/src/expander.rs +++ b/crates/publish/src/expander.rs @@ -2,7 +2,13 @@ use crate::bindle_writer::{self, ParcelSources}; use anyhow::{Context, Result}; -use bindle::{BindleSpec, Condition, Group, Invoice, Label, Parcel}; +use bindle::{ + invoice::{ + signature::{LabelMatch, SecretKeyEntry, SecretKeyFile}, + SignatureRole, + }, + BindleSpec, Condition, Group, Invoice, Label, Parcel, +}; use path_absolutize::Absolutize; use semver::BuildMetadata; use sha2::{Digest, Sha256}; @@ -17,6 +23,10 @@ pub async fn expand_manifest( app_file: impl AsRef, buildinfo: Option, scratch_dir: impl AsRef, + bindle_secret_file: Option, + bindle_role: Option, + bindle_label: Option, + bindle_label_matching: Option, ) -> Result<(Invoice, ParcelSources)> { let app_file = app_file .as_ref() @@ -27,6 +37,36 @@ pub async fn expand_manifest( let local_schema::RawAppManifestAnyVersion::V1(manifest) = manifest; let app_dir = app_dir(&app_file)?; + // bindle secret key file + let bindle_secret_file_path = get_bindle_secret_file_path(bindle_secret_file).await?; + + // bindle role + let bindle_role = if let Some(r) = bindle_role { + r.parse() + .map_err(|e| anyhow::anyhow!("Can't parse {}, err: {}", &r, e))? + } else { + SignatureRole::Creator + }; + + let bindle_label_match_type = match (bindle_label, bindle_label_matching) { + (Some(label), None) => Some(LabelMatch::FullMatch(label)), + (None, Some(label_matching)) => Some(LabelMatch::PartialMatch(label_matching)), + (None, None) => None, + _ => { + unreachable!( + "both bindle-label and bindle-label-matching cannot be present at the same time" + ) + } + }; + + // bindle key + let bindle_key = get_bindle_first_matching_key( + bindle_secret_file_path, + &bindle_role, + bindle_label_match_type.as_ref(), + ) + .await?; + // * create a new spin.toml-like document where // - each component changes its `files` entry to a group name // - each component changes its `source` entry to a parcel SHA @@ -60,7 +100,7 @@ pub async fn expand_manifest( let bindle_id = bindle_id(&manifest.info, buildinfo)?; let groups = build_groups(&manifest); - let invoice = Invoice { + let mut invoice = Invoice { bindle_version: "1.0.0".to_owned(), yanked: None, bindle: BindleSpec { @@ -74,6 +114,7 @@ pub async fn expand_manifest( signature: None, yanked_signature: None, }; + invoice.sign(bindle_role.clone(), &bindle_key)?; Ok((invoice, sources)) } @@ -422,3 +463,51 @@ fn split_sources(sourced_parcels: Vec) -> (Vec, ParcelSou (parcels.collect(), parcel_sources) } + +/// Get the config dir, ensuring that it exists. +/// +/// This will return the default config directory. If that directory does not +/// exist, it will be created before the path is returned. +/// +/// If the system does not have a configuration directory, this will create a directory named +/// `bindle/` in the local working directory. +pub async fn ensure_config_dir() -> Result { + let dir = dirs::config_dir() + .map(|v| v.join("bindle/")) + .unwrap_or_else(|| "./bindle".into()); + tokio::fs::create_dir_all(&dir).await?; + Ok(dir) +} + +async fn get_bindle_secret_file_path(bindle_secret_file: Option) -> Result { + match bindle_secret_file { + Some(dir) => Ok(dir), + None => { + let dir = ensure_config_dir().await?; + Ok(dir.join("secret_keys.toml")) + } + } +} + +async fn get_bindle_first_matching_key( + fpath: PathBuf, + role: &SignatureRole, + label_match: Option<&LabelMatch>, +) -> Result { + let keys = SecretKeyFile::load_file(&fpath) + .await + .with_context(|| format!("can't read file {:?}", &fpath))?; + + keys.key + .iter() + .find(|k| { + k.roles.contains(role) + && match label_match { + Some(LabelMatch::FullMatch(label)) => k.label.eq(label), + Some(LabelMatch::PartialMatch(label)) => k.label.contains(label), + None => true, + } + }) + .map(|k| k.to_owned()) + .ok_or_else(|| anyhow::anyhow!("No satisfactory key found")) +} diff --git a/crates/publish/src/lib.rs b/crates/publish/src/lib.rs index fbc53d0245..92b3de43f1 100644 --- a/crates/publish/src/lib.rs +++ b/crates/publish/src/lib.rs @@ -8,4 +8,4 @@ mod expander; pub use bindle_pusher::push_all; pub use bindle_writer::write; -pub use expander::expand_manifest; +pub use expander::{ensure_config_dir, expand_manifest}; diff --git a/src/commands/bindle.rs b/src/commands/bindle.rs index 44fc9b4ae8..c81238e416 100644 --- a/src/commands/bindle.rs +++ b/src/commands/bindle.rs @@ -52,6 +52,39 @@ pub struct Prepare { short = 'd', )] pub staging_dir: PathBuf, + + /// Bindle secret file path to load key. Defaults to $XDG_CONFIG/bindle/secret_keys.toml. + #[clap( + name = BINDLE_SECRET_FILE, + long = "bindle-secret-file", + env = BINDLE_SECRET_FILE, + )] + pub bindle_secret_file: Option, + + /// Bindle role to sign the file. Defaults to Creator. + #[clap( + name = BINDLE_ROLE, + long = "bindle-role", + env = BINDLE_ROLE, + )] + pub bindle_role: Option, + + /// Bindle key label. + #[clap( + name = BINDLE_LABEL, + long = "bindle-label", + env = BINDLE_LABEL, + conflicts_with = BINDLE_LABEL_MATCHING, + )] + pub bindle_label: Option, + + /// Bindle label which partially matches keys. + #[clap( + name = BINDLE_LABEL_MATCHING, + long = "bindle-label-matching", + env = BINDLE_LABEL_MATCHING, + )] + pub bindle_label_matching: Option, } /// Publish an application as a bindle. @@ -116,6 +149,47 @@ pub struct Push { takes_value = false, )] pub insecure: bool, + + /// Bindle secret file path to load key + #[clap( + name = BINDLE_SECRET_FILE, + long = "bindle-secret-file", + env = BINDLE_SECRET_FILE, + )] + pub bindle_secret_file: Option, + + /// Bindle keyring file path. Defaults to $XDG_CONFIG/bindle/keyring.toml. + #[clap( + name = BINDLE_KEYRING_FILE, + long = "bindle-keyring-file", + env = BINDLE_KEYRING_FILE, + )] + pub bindle_keyring_file: Option, + + /// Bindle role to sign the file + #[clap( + name = BINDLE_ROLE, + long = "bindle-role", + env = BINDLE_ROLE, + )] + pub bindle_role: Option, + + /// Bindle key label + #[clap( + name = BINDLE_LABEL, + long = "bindle-label", + env = BINDLE_LABEL, + conflicts_with = BINDLE_LABEL_MATCHING, + )] + pub bindle_label: Option, + + /// Bindle label which partially matches keys + #[clap( + name = BINDLE_LABEL_MATCHING, + long = "bindle-label-matching", + env = BINDLE_LABEL_MATCHING, + )] + pub bindle_label_matching: Option, } impl Prepare { @@ -128,9 +202,17 @@ impl Prepare { let dest_dir = &self.staging_dir; - let (invoice, sources) = spin_publish::expand_manifest(app_file, self.buildinfo, &dest_dir) - .await - .with_context(|| format!("Failed to expand '{}' to a bindle", app_file.display()))?; + let (invoice, sources) = spin_publish::expand_manifest( + app_file, + self.buildinfo, + &dest_dir, + self.bindle_secret_file, + self.bindle_role, + self.bindle_label, + self.bindle_label_matching, + ) + .await + .with_context(|| format!("Failed to expand '{}' to a bindle", app_file.display()))?; let bindle_id = &invoice.bindle.id; @@ -161,7 +243,9 @@ impl Push { self.insecure, self.bindle_username, self.bindle_password, - ); + self.bindle_keyring_file.clone(), + ) + .await?; // TODO: only create this if not given a staging dir let temp_dir = tempfile::tempdir()?; @@ -171,9 +255,17 @@ impl Push { Some(path) => path.as_path(), }; - let (invoice, sources) = spin_publish::expand_manifest(app_file, self.buildinfo, &dest_dir) - .await - .with_context(|| format!("Failed to expand '{}' to a bindle", app_file.display()))?; + let (invoice, sources) = spin_publish::expand_manifest( + app_file, + self.buildinfo, + &dest_dir, + self.bindle_secret_file, + self.bindle_role, + self.bindle_label, + self.bindle_label_matching, + ) + .await + .with_context(|| format!("Failed to expand '{}' to a bindle", app_file.display()))?; let bindle_id = &invoice.bindle.id; diff --git a/src/commands/deploy.rs b/src/commands/deploy.rs index 7c05c97589..3e1e0893ce 100644 --- a/src/commands/deploy.rs +++ b/src/commands/deploy.rs @@ -48,6 +48,55 @@ pub struct DeployCommand { )] pub app: PathBuf, + /// Bindle secret file path to load key + #[clap( + name = BINDLE_SECRET_FILE, + long = "bindle-secret-file", + env = BINDLE_SECRET_FILE, + )] + pub bindle_secret_file: Option, + + /// Bindle keyring file path. Defaults to $XDG_CONFIG/bindle/keyring.toml. + #[clap( + name = BINDLE_KEYRING_FILE, + long = "bindle-keyring-file", + env = BINDLE_KEYRING_FILE, + )] + pub bindle_keyring_file: Option, + + /// Bindle role to sign the file + #[clap( + name = BINDLE_ROLE, + long = "bindle-role", + env = BINDLE_ROLE, + )] + pub bindle_role: Option, + + /// Bindle key label + #[clap( + name = BINDLE_LABEL, + long = "bindle-label", + env = BINDLE_LABEL, + )] + pub bindle_label: Option, + + /// Bindle label which partially matches keys + #[clap( + name = BINDLE_LABEL_MATCHING, + long = "bindle-label-matching", + env = BINDLE_LABEL_MATCHING, + )] + pub bindle_label_matching: Option, + + /// Ignore server certificate errors from bindle and hippo + #[clap( + name = INSECURE_OPT, + short = 'k', + long = "insecure", + takes_value = false, + )] + pub insecure: bool, + /// Path to assemble the bindle before pushing (defaults to /// a temporary directory) #[clap( @@ -201,7 +250,9 @@ impl DeployCommand { login_connection.danger_accept_invalid_certs, login_connection.bindle_username, login_connection.bindle_password, - ); + self.bindle_keyring_file.clone(), + ) + .await?; let bindle_id = self .create_and_push_bindle(buildinfo, bindle_connection_info) @@ -341,7 +392,9 @@ impl DeployCommand { su.join(BINDLE_REGISTRY_URL_PATH)?.to_string(), login_connection.danger_accept_invalid_certs, login_connection.token, - ); + self.bindle_keyring_file.clone(), + ) + .await?; let bindle_id = self .create_and_push_bindle(buildinfo, bindle_connection_info) @@ -574,9 +627,17 @@ impl DeployCommand { None => temp_dir.path(), Some(path) => path.as_path(), }; - let (invoice, sources) = spin_publish::expand_manifest(&self.app, buildinfo, &dest_dir) - .await - .with_context(|| format!("Failed to expand '{}' to a bindle", self.app.display()))?; + let (invoice, sources) = spin_publish::expand_manifest( + &self.app, + buildinfo, + &dest_dir, + self.bindle_secret_file.clone(), + self.bindle_role.clone(), + self.bindle_label.clone(), + self.bindle_label_matching.clone(), + ) + .await + .with_context(|| format!("Failed to expand '{}' to a bindle", self.app.display()))?; let bindle_id = &invoice.bindle.id; diff --git a/src/commands/up.rs b/src/commands/up.rs index 958a59ccd2..c55986ca4d 100644 --- a/src/commands/up.rs +++ b/src/commands/up.rs @@ -70,6 +70,14 @@ pub struct UpCommand { )] pub bindle_password: Option, + /// Bindle keyring file path. Defaults to $XDG_CONFIG/bindle/keyring.toml. + #[clap( + name = BINDLE_KEYRING_FILE, + long = "bindle-keyring-file", + env = BINDLE_KEYRING_FILE, + )] + pub bindle_keyring_file: Option, + /// Ignore server certificate errors from bindle server #[clap( name = INSECURE_OPT, @@ -126,11 +134,19 @@ impl UpCommand { let manifest_file = app .as_deref() .unwrap_or_else(|| DEFAULT_MANIFEST_FILE.as_ref()); - let bindle_connection = self.bindle_connection(); + let bindle_connection = self.bindle_connection().await?; spin_loader::from_file(manifest_file, &working_dir, &bindle_connection).await? } (None, Some(bindle)) => match &self.server { - Some(server) => spin_loader::from_bindle(bindle, server, &working_dir).await?, + Some(server) => { + spin_loader::from_bindle( + bindle, + server, + &working_dir, + self.bindle_keyring_file.clone(), + ) + .await? + } _ => bail!("Loading from a bindle requires a Bindle server URL"), }, (Some(_), Some(_)) => bail!("Specify only one of app file or bindle ID"), @@ -199,15 +215,20 @@ impl UpCommand { } } - fn bindle_connection(&self) -> Option { - self.server.as_ref().map(|url| { - BindleConnectionInfo::new( - url, - self.insecure, - self.bindle_username.clone(), - self.bindle_password.clone(), - ) - }) + async fn bindle_connection(&self) -> Result> { + match self.server.as_ref() { + Some(url) => Ok(Some( + BindleConnectionInfo::new( + url, + self.insecure, + self.bindle_username.clone(), + self.bindle_password.clone(), + self.bindle_keyring_file.clone(), + ) + .await?, + )), + None => Ok(None), + } } } diff --git a/src/opts.rs b/src/opts.rs index cea8a46ba8..5d6424e34d 100644 --- a/src/opts.rs +++ b/src/opts.rs @@ -5,6 +5,11 @@ pub const BINDLE_SERVER_URL_OPT: &str = "BINDLE_SERVER_URL"; pub const BINDLE_URL_ENV: &str = "BINDLE_URL"; pub const BINDLE_USERNAME: &str = "BINDLE_USERNAME"; pub const BINDLE_PASSWORD: &str = "BINDLE_PASSWORD"; +pub const BINDLE_SECRET_FILE: &str = "BINDLE_SECRET_FILE"; +pub const BINDLE_KEYRING_FILE: &str = "BINDLE_KEYRING_FILE"; +pub const BINDLE_LABEL: &str = "BINDLE_LABEL"; +pub const BINDLE_LABEL_MATCHING: &str = "BINDLE_LABEL_MATCHING"; +pub const BINDLE_ROLE: &str = "BINDLE_ROLE"; pub const BUILDINFO_OPT: &str = "BUILDINFO"; pub const INSECURE_OPT: &str = "INSECURE"; pub const STAGING_DIR_OPT: &str = "STAGING_DIR"; diff --git a/tests/http/client_keyring.toml b/tests/http/client_keyring.toml new file mode 100644 index 0000000000..cdd39f964c --- /dev/null +++ b/tests/http/client_keyring.toml @@ -0,0 +1,7 @@ +version = "1.0" + +[[key]] +label = "Test" +roles = ["creator"] +key = "HfXxdRvgUWEE0f36EIa8+njPJVoMvmF6/gO/T19aV90=" +labelSignature = "En2GtxiLbzAIoFu2zQ5HWXwck5lONq/ALYGt8RQYUDNpStk23JcaN/Gx9zh9oEJGnVeDwHLNj9/Cql6j23O1Cw==" diff --git a/tests/http/client_secret_keys.toml b/tests/http/client_secret_keys.toml new file mode 100644 index 0000000000..8821f0febe --- /dev/null +++ b/tests/http/client_secret_keys.toml @@ -0,0 +1,6 @@ +version = "1.0" + +[[key]] +label = "Test" +keypair = "O6QdMC7mvxepvqDIXtj9b66ooMf4Mlz4Mmz65Em2Q8Ed9fF1G+BRYQTR/foQhrz6eM8lWgy+YXr+A79PX1pX3Q==" +roles = ["creator"] diff --git a/tests/http/server_keyring.toml b/tests/http/server_keyring.toml new file mode 100644 index 0000000000..cdd39f964c --- /dev/null +++ b/tests/http/server_keyring.toml @@ -0,0 +1,7 @@ +version = "1.0" + +[[key]] +label = "Test" +roles = ["creator"] +key = "HfXxdRvgUWEE0f36EIa8+njPJVoMvmF6/gO/T19aV90=" +labelSignature = "En2GtxiLbzAIoFu2zQ5HWXwck5lONq/ALYGt8RQYUDNpStk23JcaN/Gx9zh9oEJGnVeDwHLNj9/Cql6j23O1Cw==" diff --git a/tests/integration.rs b/tests/integration.rs index 8b410f228c..7eba402491 100644 --- a/tests/integration.rs +++ b/tests/integration.rs @@ -49,6 +49,10 @@ mod integration_tests { const BINDLE_SERVER_BASIC_AUTH_HTPASSWD_FILE: &str = "tests/http/htpasswd"; const BINDLE_SERVER_BASIC_AUTH_USER: &str = "bindle-user"; const BINDLE_SERVER_BASIC_AUTH_PASSWORD: &str = "topsecret"; + const BINDLE_CLIENT_SECRET_FILE: &str = "tests/http/client_secret_keys.toml"; + pub const BINDLE_CLIENT_KEYRING_FILE: &str = "tests/http/server_keyring.toml"; + const BINDLE_SERVER_KEYRING_FILE: &str = "tests/http/client_keyring.toml"; + const BINDLE_LABEL: &str = "\"Test\""; const HIPPO_BASIC_AUTH_USER: &str = "hippo-user"; const HIPPO_BASIC_AUTH_PASSWORD: &str = "topsecret"; @@ -88,6 +92,12 @@ mod integration_tests { ), "--bindle-server", &b.url, + "--bindle-secret-file", + BINDLE_CLIENT_SECRET_FILE, + "--bindle-keyring-file", + BINDLE_CLIENT_KEYRING_FILE, + "--bindle-label", + BINDLE_LABEL, ], None, None, @@ -129,6 +139,12 @@ mod integration_tests { BINDLE_SERVER_BASIC_AUTH_USER, "--bindle-password", BINDLE_SERVER_BASIC_AUTH_PASSWORD, + "--bindle-secret-file", + BINDLE_CLIENT_SECRET_FILE, + "--bindle-keyring-file", + BINDLE_CLIENT_KEYRING_FILE, + "--bindle-label", + BINDLE_LABEL, ], None, None, @@ -166,6 +182,12 @@ mod integration_tests { ), "--bindle-server", &b.url, + "--bindle-secret-file", + BINDLE_CLIENT_SECRET_FILE, + "--bindle-keyring-file", + BINDLE_CLIENT_KEYRING_FILE, + "--bindle-label", + BINDLE_LABEL, ], None, None, @@ -211,6 +233,12 @@ mod integration_tests { ), "--bindle-server", &b.url, + "--bindle-secret-file", + BINDLE_CLIENT_SECRET_FILE, + "--bindle-keyring-file", + BINDLE_CLIENT_KEYRING_FILE, + "--bindle-label", + BINDLE_LABEL, ], None, None, @@ -266,6 +294,12 @@ mod integration_tests { ), "--bindle-server", &b.url, + "--bindle-secret-file", + BINDLE_CLIENT_SECRET_FILE, + "--bindle-keyring-file", + BINDLE_CLIENT_KEYRING_FILE, + "--bindle-label", + BINDLE_LABEL, ], None, None, @@ -327,6 +361,12 @@ mod integration_tests { "{}/{}", RUST_HTTP_HEADERS_ENV_ROUTES_TEST, DEFAULT_MANIFEST_LOCATION ), + "--bindle-secret-file", + BINDLE_CLIENT_SECRET_FILE, + "--bindle-keyring-file", + BINDLE_CLIENT_KEYRING_FILE, + "--bindle-label", + BINDLE_LABEL, ], None, None, @@ -406,6 +446,8 @@ mod integration_tests { server_cache.path().to_string_lossy().to_string().as_str(), "-i", address.as_str(), + "--keyring", + BINDLE_SERVER_KEYRING_FILE, ], auth_args.as_slice(), ] @@ -871,6 +913,8 @@ mod integration_tests { bindle_url, "--listen", &url, + "--bindle-keyring-file", + e2e_tests::BINDLE_CLIENT_KEYRING_FILE, ]; for v in env { args.push("--env");